We will always strive to continue improving the quality of care and the handling of your personal data from time to time.
- Personal Data Protection Policy
- Data Usage by Companies under the NITORI Group
- Data Collection FAQ
- Personal Data Protection Policy
Compliance with laws, rules and guidelines
We pledge to comply with the Personal Data Protection Act 2010 for the purpose of protection of personal data in Malaysia (further referred to as "Act") and relevant directives from the Ministry responsible for personal data protection (further known as "Ministry") on collection, holding, storage, sharing, processing and the use of your personal data and other relevant matters as defined in the Act.
Personal Data Collection
Personal data is information that can be used to identify your identity either by itself or with other data we collect or have access to. In the case of personal data and other information combined (for example, personal data via login account details or demographic information), the information is categorized as personal data.
- Personal contact information (name, residential home address or correspondence address, telephone number or e-mail);
- Login information;
- Demographic information (date of birth, age, etc.);
- Computerized technical information (IP address, computer operating system, web browser, etc.);
- The information filled by the customer, including but not limited to the information you fill and share to us or any other party including our social media sites, including but not limited to Facebook, Instagram, Youtube or Twitter;
- Social media information, including but not limited to information that is a part of your profile on third-party social media sites (such as but not limited to Facebook) for which you allow the social media to share information with us; and
- Payment information, including but not limited to credit card details, names and addresses on your transaction bill.
We and/or our third party service providers may collect your personal data:
- directly from you;
- when you register as a member on the Website;
- where you access and interact with the Website;
- when you communicate with our customer service, delivery partners and other service providers;
- when you place an order; and/or
- when you subscribe to our newsletter.
When you publish Content or Review on the Website, you acknowledge that the Content or Review becomes available on the public domain and we are not able to control how the Content or Review will be used or processed by the public, and we shall not hold any responsibility and liability for the processing of such Content or Review by any person.
Purpose of Data Collection
You acknowledge and consent that by providing your personal data to us, we may use, disclose and otherwise process your personal data for the purposes for which it was collected and/or for a related purpose, including without limitation:
- for all matters pertaining to the contract entered or to be entered into between you and us and/or to provide you with our services; contract implementation for our products, management after contract period, and after-sales service;
- for registration or withdrawal from NITORI membership;
- to process your requests and orders and to provide you with the customer services and information offered through our Website and which you may request;
- to process communication regarding withdrawal or damaged product;
- to deliver products that you purchase from our Website and to update you on the delivery progress and for customer support purposes;
- to personalise your online shopping experience. Information regarding your product preferences helps us to better respond to your individual needs;
- to send periodic emails and newsletters with information and updates pertaining to your order, in addition to occasional company news, updates, related product or service information, etc.; to send information to you about product launch, product announcement, service, campaign;
- to our third party service providers to assist us in providing and improving our services to you, and to analyse and better understand our customer’s needs or to develop, improve and market our products and services to you;
- for the purpose of product development, questionnaire, survey etc.;
- to establish relationships for business or other meetings;
- to monitor your compliance with the contract entered into between you and us and our policies, procedures, rules and regulations;
- to enforce our rights and remedies against you and/or any third party;
- for regulatory reporting, compliance monitoring and to conform to legal requirements;
- to various regulatory bodies and law enforcement officials and agencies to protect against fraud and for related security purposes;
- to our international third-party service providers to include in a database compiled by us or our third-party service provider for use in order and delivery management, direct marketing of promotions, product and services we think may interest you;
- to seek your feedback in relation to customer satisfaction and our relationship with you. We continually strive to improve the quality and standard of service provided to you by the Website based on the information and feedback we receive from you;
- to verify and carry out financial transactions in relation to payments you may make online.;
- for the purpose of record keeping in the ordinary course of our business; and
- for any purposes ancillary, relating to or in connection with the above, or the activities, dealings or transactions on the Website.
Change of the terms concerning the usage of personal data
We may change the purpose of use as described above in the event of reasonable and relevant requirements catering to the purpose of the original use. In such a situation, we will notify our customers in advance and obtain the permission of each individual customer regarding the change in the terms concerning the usage of personal data on our Website or other platforms or via e-mail and SMS.
Scope of Use
We will only handle personal data within the required scope to achieve the purpose of use. In the event of rare and unpredicted occurrences, we shall obtain the individual’s permission first, unless it is for one of the following situations:
- prevention or detection of crime or for investigation purposes;
- arrest or prosecution of legal offenders;
- valuation or assessment of taxes or any other similar payments;
- other guidelines or instructions issued by the Ministry and gazetted for the Act; or
- to comply with any legal requirements applicable to or imposed on us;
- to protect your vital interests;
- for the administration of justice; or
- for the exercise of any functions conferred on any person by or under any law.
Procuring User Data
We shall collect personal data based on the Personal Data Protection Standard 2015 issued under the Act.
Sensitive Personal Data
If the need arises to process sensitive personal data for reasons as stated in the purpose of use, we will get the initial permission of the individual. Notwithstanding the foregoing, we may process sensitive personal data for the following circumstances without having to obtain separate permission:
- for the execution or claim of rights or obligation under the law against an individual in the regards of employment;
- to protect the interests of an individual or other person, where the truth cannot be granted by the individual or his representative or is impossible for us to obtain permission in a normal and reasonable manner;
- to protect the interests of an individual or other person, where the permission by the individual or his representative is deliberately not granted;
- for medical purposes - under the custody of a professional in the field of healthcare or a person who has the same confidentiality responsibility with professionals in the field of healthcare;
- for any relevant legal action;
- to seek legal advice;
- to create, carry or defend the rights under the law;
- to administer the system of legal justice;
- to carry out any function given to a person by or under the law;
- other purposes perceived by the Ministry; or
- the information contained in personal data has been publicly known as a result of an individual's actions and in such instance, we will not be required to obtain the individual’s permission in respect of such personal data.
Precision of Personal Data
We take reasonable steps to ensure that the information we hold about you is accurate, complete and up to date. To assist us in doing this, please provide us with the correct information and inform us if your details change. You have the right to access and correct your personal information held by us about you. You can access and correct your personal information under “My Account”. Alternatively, you may update them at any time by emailing us at firstname.lastname@example.org.
Retention of Personal Data
We will take necessary and appropriate actions for security control purposes to protect personal data from unauthorized access, forgery, leakage, loss or damage to personal data. While care is taken to protect your personal data on the Website, unfortunately no data transmission over the Internet is guaranteed as 100% secure. Accordingly, we cannot ensure or warrant the security of any information you send to us or receive from us online.
Monitoring of Work Personnel
We will ensure appropriate surveillance of our employees and conduct the necessary training and education for the purpose of personal data security control.
Disclosure of Personal Data to Third Parties
We may disclose, share and transfer your personal data with mutual users as stated in the Data Usage by Companies under the NITORI Group (hereinafter referred to as "joint users") and third parties acting on our behalf as our agent, contractor, service providers and/or professional advisors who provide us with administrative and business support services.
- to our employees, agents, affiliates and associated companies;
- to any person to whom we are under an obligation to make disclosure under any applicable laws;
- to any court and/or officer of the court;
- to our auditors, legal advisers, compliance professionals and other advisers;
- to our payment gateway service providers;
- to our delivery partners; and
- to our service providers and vendors.
We may also transfer, disclose or share your personal data with joint sponsors and promotional partners who may engage, or in some cases, transfer your personal data outside Malaysia as stated below.
Transfer of Personal Data Abroad
Our information technology facilities and storage servers and the joint users may be in other regions outside Malaysia, including but not limited to Japan. As a result of this, your personal data may be disclosed or transferred to entities and/or stored in any place outside Malaysia or in any country where you access our Website, including but not limited to Japan.
Confirmation and Storage of Records
We will confirm and store records accurately and in accordance with relevant laws and guidelines, particularly those issued under the Act, when exchanging information in your personal data with third parties.
Cookies may record information about your visit, including the type of browser and operating system you use, the previous site you visited, your server’s IP address, the pages you access, and the information downloaded by you. While this anonymous statistical data may be aggregated and used in broader statistical analysis by NITORI and our web monitoring service provider to improve our services, at no time can NITORI personally identify you as the source of that data.
Third Party Links
The Website may contain links to websites which are owned or operated by other parties. These third-party sites have separate and independent privacy policies. NITORI is not responsible for information on, or the privacy practices of, such websites.
Providing Personal Data about Another Person
As a user of the Website, you represent to NITORI that in the event where you provide personal data to us about another person (eg. ordering on behalf of another person), you are authorized to provide that information to us, and that you will inform that person who we are, how we use and disclose their information, and that they can gain access to that information.
We offer the option to apply for access, reveal, update, or correct your personal data and opt out on ways of how we communicate with you. We will provide feedback on any form of request, notification, access application and the correction of matters relating to your personal data obtained as stated by the Act. Please refer to Data Collection FAQ for more information on the above-mentioned matters. Your use or access to the Website and its related sites, services and tools may be limited, suspended or terminated (as we in our discretion deem fit) if you impose any limit on us in the processing of your personal data or if you withdraw your consent for us to process your data.
However, we reserve the right to reject an application for access or extending the confirmation before allowing access to the permissible grounds under the Act, if granting access to you may be a risk to your privacy, or the circumstances in which the rights of others may also be interrupted.
- Data Usage by Companies under the NITORI Group
The NITORI Group may jointly use personal data operated in each company under the NITORI Group of Companies to provide the best service to all relevant parties. However, in the event of any changes within the joint user environment or the officer responsible for handling joint use, you will be informed in advance or we will provide convenience so you can easily access the information. You hereby clearly give us permission to transfer and store your personal data with any NITORI Group of Companies in any place outside Malaysia.
Items of Mutual Use
Name, address, date of birth, phone number, fax number, e-mail address, purchase record (cancellation), record of member card usage, coupon usage record, and query content.
* This excludes sensitive personal data provided to Nitori Facility Co. Ltd. in the purchase of insurance products.
Scope of Joint Usage
Companies under the NITORI Group of Companies
Nitori Holdings Co., Ltd.
Nitori Co., Ltd.
Nitori Facility Co., Ltd.
Home Logistics Co., Ltd.
Nitori Furniture Co., Ltd.
Nitori Public Co., Ltd.
Home Deco Co., Ltd.
KATITAS Co., Ltd.
REPRICE Co., Ltd.
Purpose of Data Use
- Delivery provided by NITORI Group
- Acquisition of after-sales service
- New product alerts
- Market research or data analysis for product expansion, etc.
- Notice of any activities concerning NITORI or Partner Group Activity
- Notice or service proposal for NITORI Group of Companies or partner companies
Offices Responsible for Joint Use
- Nitori Holdings Co., Ltd., Nitori Co., Ltd., Home Logistics Co., Ltd., Nitori Furniture Co., Ltd., Nitori Facility Co., Home Deco Co., Ltd.:
- Pejabat Perkhidmatan Pelanggan <Bahagian Pertanyaan Maklumat Peribadi>
- Nitori Public Co., Ltd.
- Bahagian Hal Ehwal Am & Perakaunan 011-717-5020
- Data Collection FAQ
Feedback and Consultation
If you intend to access, disclose, update, or correct or limit the processing of your Personal Data, please contact the personnel listed in the Personal Data Inquiry section as stated below:
Please contact the Inquiry Division and submit the required information after the identification information and / or confirmation to act as a representative / proxy is provided by the applicant / representative for the purposes of identity verification.
We will provide written answers to individual applicants or proxies regarding the relevant requests after confirming the contents of the documents we receive.
We reserve the right to reject an application or a confirmation of data application before allowing you access to your permitted grounds under the Act, if granting access to you may be a risk to your privacy, or the circumstances in which the rights of others may also be interrupted.
Personal Data Inquiry
NITORI Customer Support (Operation Hours: 10: 00 - 18: 00)
NITORI RETAIL (MALAYSIA) SDN. BHD.
B-5-12, Plaza Bukit Jalil, Aurora Place, Persiaran Jalil 1, 57000 Kuala Lumpur, Malaysia.
Ms. Hannah Tang
+603 9765 1266